Cache Authorization Policies

Details

Added a way to cache authorization policies so every authorization enforcement request does not have to make a remote call. Caching is configurable - it can be enabled by setting security.authorization.cache.enabled to true. TTL for cache entries (security.authorization.cache.ttl.secs) as well as refresh interval (security.authorization.cache.refresh.interval.secs) is also configurable.

Added a way to cache authorization policies so every authorization enforcement request does not have to make a remote call. Caching is configurable - it can be enabled by setting security.authorization.cache.enabled to true. TTL for cache entries (security.authorization.cache.ttl.secs) as well as refresh interval (security.authorization.cache.refresh.interval.secs) is also configurable.

Rank:

1|hzz6jr:

Description

In order to reduce the number of RPCs to the Sentry server, it would be good to cache the ACLs. Here is an example of how it is implemented in Impala: